smokeloader | fb8d63aca9de1c82dbbb05355b861db9b5d8c3d58b55d91b39c1b05d272fc2b0 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

fb8d63aca9de1c82dbbb05355b861db9b5d8c3d58b55d91b39c1b05d272fc2b0
Size

267KB
Sample

220918-y6q5nsffcp
MD5

363545d7b7cae22978bfab1fb9f996ae
SHA1

e21e552dabc599ff54fda52e4b6a64319c5186e1
SHA256

fb8d63aca9de1c82dbbb05355b861db9b5d8c3d58b55d91b39c1b05d272fc2b0
SHA512

2eec658eebcdac764d68371dbba34a4eab79f342fe5e7757334d5d9efd15df2b78ab776bb8f08a0965459cf1bb3a2d6548613c262609205a13c0151473bed217
SSDEEP

6144:oLzhr1LFiU2gEovjXtVm80e2igavwVfc:ofhr15iU2gEKQer

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

fb8d63aca9de1c82dbbb05355b861db9b5d8c3d58b55d91b39c1b05d272fc2b0.exe

Resource

win10-20220812-en

smokeloader backdoor trojan

windows10-1703-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  fb8d63aca9de1c82dbbb05355b861db9b5d8c3d58b55d91b39c1b05d272fc2b0
- Size
  
  267KB
- MD5
  
  363545d7b7cae22978bfab1fb9f996ae
- SHA1
  
  e21e552dabc599ff54fda52e4b6a64319c5186e1
- SHA256
  
  fb8d63aca9de1c82dbbb05355b861db9b5d8c3d58b55d91b39c1b05d272fc2b0
- SHA512
  
  2eec658eebcdac764d68371dbba34a4eab79f342fe5e7757334d5d9efd15df2b78ab776bb8f08a0965459cf1bb3a2d6548613c262609205a13c0151473bed217
- SSDEEP
  
  6144:oLzhr1LFiU2gEovjXtVm80e2igavwVfc:ofhr15iU2gEKQer
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy